<?php
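// Session gate for the user-administration page: resume the admin session and
// send anyone without a logged-in username back to the login page.

// The session name is quoted. As a bare word it was an undefined constant,
// which older PHP versions turn into this same string with a notice/warning
// and PHP 8 rejects with an Error.
session_name('DicomScienceAdmin');
session_start();

// Read the login marker without raising a notice when the key is absent.
$username = isset($_SESSION['username']) ? $_SESSION['username'] : '';

// NOTE(review): this check only proves that some account is logged in. The
// page lists every staff account and offers add/modify/delete forms, so it
// should presumably also require the Administrator level (9); which session
// key holds the caller's level is not visible here. Confirm and add the check.

// Fail closed: anything that is not a non-empty string counts as "not logged in".
if (!is_string($username) || $username === '') {
	header("Location: index.php");
	exit();
}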

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
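		<title><?php
			// The name comes from the session and is account data, so it is escaped
			// before it is written into the HTML title. The encoding matches the
			// charset declared in the meta tag of this page.
			echo "DicomScience Adminstration :: " . htmlspecialchars($username, ENT_QUOTES, 'ISO-8859-1');
		?></title>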
		<link rel="stylesheet" type="text/css" href="admin.css">
		<script src="admin.js" type="text/javascript"></script>
	</head>
	<body onload="useradmin()" onresize="useradmin()">
		<div id="overlay">
			<div id="back">
				<form action="main.php" method="POST">
					<input id="backbutton" type="submit" value="" />
				</form>
			</div>
			<div id="adduserbutton" onclick="showAddUserDialogue()"></div>
			<div id="adduser">
				<form action="adduser.php" method="POST">
					<input onclick="clearNewFirstname()" class="newuserdata" id="firstname" name="firstname" type="text" value="First Name" />
					<input onclick="clearNewGivenname()" class="newuserdata" id="givenname" name="givenname" type="text" value="Given Name" />
					<input onclick="clearNewUsername()" class="newuserdata" id="username" name="username" type="text" value="Username" />
					<input onclick="clearNewPassword()" class="newuserdata" id="password" name="password" type="password" value="password" />
					<select class="newuserdata" name="userlevel" id="userlevel" size="3">
							<option selected value="1">Blogger</option>
							<option value="3">Case Author</option>
							<option value="9">Administrator</option>
					</select>
					<input id="newuserok" class="newuserdatabutton" type="submit" value=""/>
					
				</form>
				<div class="newuserdatabutton" id="newusercancel" onclick="newusercancel()"></div>
			</div>
			<div id="userlist">
				<?php
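					// Renders, for every row of the staff table (ordered by last name), a
					// summary line, an edit form posting to modifyuser.php and a delete form.
					//
					// NOTE(review): mysql_query()/mysql_fetch_object() belong to ext/mysql,
					// which was removed in PHP 7.0. Moving to mysqli or PDO has to be done
					// together with connect.php/closedb.php, which are not visible here.
					include ('../includes/gset.php');
					include ('../includes/database/connect.php');
					// Static query, no request data is interpolated into it.
					$sql_getUsers = "SELECT id_staff, username, password, firstname, lastname, userlevel FROM staff ORDER BY (lastname) ASC;";
					$getUsers = mysql_query($sql_getUsers);
					// closedb.php (presumably closing the connection) runs before the rows
					// are read; that works because mysql_query() returns a buffered result.
					include ('../includes/database/closedb.php');

					// Display names for the userlevel codes offered by the forms on this page.
					$levelNames = array(
						1 => "Blogger",
						3 => "Case Author",
						9 => "Administrator",
					);

					// NOTE(review): none of the forms emitted below carries an anti-CSRF token
					// field. Confirm that modifyuser.php and the delete handler verify the
					// request origin some other way, or add a per-session token to both sides.

					if ($getUsers === false) {
						// Query failed: show a neutral message instead of passing a
						// non-resource to mysql_fetch_object().
						echo "<p>The user list could not be loaded.</p>";
					} else {
						while ($users = mysql_fetch_object($getUsers)) {

							// Numeric fields are cast so that only digits reach the id attribute
							// and the inline showUserDetails() call.
							$staffId = (int) $users->id_staff;
							$level = (int) $users->userlevel;

							// Account fields are stored data that other users typed in; escape
							// them for both element and attribute context. The encoding matches
							// the charset declared by this page.
							$usrname = htmlspecialchars($users->username, ENT_QUOTES, 'ISO-8859-1');
							$firstname = htmlspecialchars($users->firstname, ENT_QUOTES, 'ISO-8859-1');
							$lastname = htmlspecialchars($users->lastname, ENT_QUOTES, 'ISO-8859-1');

							// NOTE(review): the stored password value of every account is written
							// into this page, so anyone who can load it (or read its source, a
							// cache or a proxy log) obtains it. It is kept, escaped, only because
							// modifyuser.php is not visible here and receives it back as
							// mPassword. The safer design is to drop the column from the SELECT,
							// leave the field empty, and have the handler treat an empty value as
							// "password unchanged".
							$password = htmlspecialchars($users->password, ENT_QUOTES, 'ISO-8859-1');

							// Resolve the label per row; an unexpected code no longer reuses the
							// label left over from the previous row.
							$levelname = isset($levelNames[$level]) ? $levelNames[$level] : "Unknown";

							echo "<p class=\"edituser\" onclick=\"showUserDetails($staffId)\"><b>$usrname</b> - $lastname, $firstname - <i>$levelname</i></p>";
							echo "<div id=\"$staffId\" class=\"userdetails\">";
								echo "<form action=\"modifyuser.php\" method=\"post\">";
									echo "<input type=\"text\" name=\"mUserName\" class=\"moduserdata\" value=\"$usrname\">";
									echo "<input type=\"text\" name=\"mGivenName\" class=\"moduserdata\" value=\"$lastname\">";
									echo "<input type=\"text\" name=\"mFirstName\" class=\"moduserdata\" value=\"$firstname\">";
									echo "<input type=\"password\" name=\"mPassword\" class=\"moduserdata\" value=\"$password\">";
									echo "<select name=\"mUserLevel\" class=\"moduserdata\" size=\"3\">";
										// Always offer all three levels and preselect the stored one;
										// an unknown stored level simply has no preselection.
										foreach ($levelNames as $code => $label) {
											$selected = ($code === $level) ? "selected " : "";
											echo "<option {$selected}value=\"$code\">$label</option>";
										}
									echo "</select>";
									echo "<input type=\"hidden\" name=\"mUserId\" value=\"$staffId\"/>";
									echo "<input type=\"submit\" class=\"modifyDo\" value=\"\" />";
								echo "</form>";
								// NOTE(review): this action has no ".php" suffix, unlike adduser.php
								// and modifyuser.php. Left unchanged in case a rewrite rule maps
								// it; confirm the target exists.
								echo "<form action=\"deleteuser\" method=\"post\">";
								echo "<input class=\"deleteuser\" type=\"submit\" value=\"\" />";
								echo "<input type=\"hidden\" value=\"$staffId\" name=\"staffid\">";
								echo "</form>";
							echo "</div>";

						}
					}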
				?>
			</div>
		</div>
	</body>
</html>